Asia Pacific ICS Security Summit

First Things First

The Top 4 Security Mitigation Strategies

Dr. Eric Cole, SANS Faculty Fellow

Thursday, December 5th, 6:30pm - 7:30pm

Organizations are struggling with cyber security. It seems the more money that is spent, there is an equal increase in attack vectors. While new technologies will help, it is important to focus in on the core areas that will make the biggest impact. These areas need to be aligned with how an adversary breaks into a system.

Targeted intrusions of a computer network can be broken down into three stages, these are:

Stage 1: Code Execution is where an adversary attempts to gain an initial foothold into a computer network. This is typically done by delivering a socially engineered email to a staff member within the organisation containing a malicious attachment or link. If the user opens this link the adversaries‚ malicious code will execute on the endpoint and provide this foothold.

Stage 2: Network Propagation is where an adversary uses this network foothold to spread to other locations inside the compromised computer network. In this stage they are typically looking to gain additional access to multiple internal systems and create reliable methods of accessing these systems in the future, this is also known as gaining ‚persistence‚.

Stage 3: Data Exfiltration is where an adversary has located data of interest and removes this data from a corporate network.

The Top 4 Mitigation strategies provide coverage across all three stages of the intrusion process and an effective way to implement effective security. According to DSD ‚While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of the intrusion techniques that ASD responds to involve adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package.‚ In this webcast learn about how attack vectors work and ways the Top 4 can defend against them.

Schedule:

17:45-18:30 Registration

18:30-19:30 Presentation

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.